[COMMON][CERTS] Allow to provide custom certs easily Instead of mandating to provide custom certificates before creation of helm packages, let's propose to include certificates from a known secret or configmap. The current implementation will first search for secret and if not provided will look for configmap. Issue-ID: OOM-2731 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66

commit: bd94a04227a235319b3246e52cadc7c1e96f9c22 [log] [tgz]
author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Mon Apr 19 16:00:49 2021 +0200
committer: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Thu May 06 06:29:46 2021 +0000
tree: f4f817dd18994012f85d9bceb1685c409e8d1f2f
parent: f6465e1e1386cd090ab9a125683304e57f373c19 [diff] [blame]
diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index d955ecd..ec1ce94 100755
--- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh

@@ -17,6 +17,7 @@
 */}}
 
 CERTS_DIR=${CERTS_DIR:-/certs}
+MORE_CERTS_DIR=${MORE_CERTS_DIR:-/more_certs}
 WORK_DIR=${WORK_DIR:-/updatedTruststore}
 ONAP_TRUSTSTORE=${ONAP_TRUSTSTORE:-truststoreONAPall.jks}
 JRE_TRUSTSTORE=${JRE_TRUSTSTORE:-$JAVA_HOME/lib/security/cacerts}
@@ -47,6 +48,13 @@
   fi
 done
 
+for f in $MORE_CERTS_DIR/*; do
+  if [ ${f: -4} == ".pem" ]
+    then
+      cp $f $WORK_DIR/.
+  fi
+done
+
 # Prepare truststore output file
 if [ "$AAF_ENABLED" = "true" ]
   then
commit	bd94a04227a235319b3246e52cadc7c1e96f9c22	[log] [tgz]
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	Mon Apr 19 16:00:49 2021 +0200
committer	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	Thu May 06 06:29:46 2021 +0000
tree	f4f817dd18994012f85d9bceb1685c409e8d1f2f
parent	f6465e1e1386cd090ab9a125683304e57f373c19 [diff] [blame]